Lucas Savva
377c6bcefc
nixos/acme: Add defaults and inheritDefaults option
...
Allows configuring many default settings for certificates,
all of which can still be overridden on a per-cert basis.
Some options have been moved into .defaults from security.acme,
namely email, server, validMinDays and renewInterval. These
changes will not break existing configurations thanks to
mkChangedOptionModule.
With this, it is also now possible to configure DNS-01 with
web servers whose virtualHosts utilise enableACME. The only
requirement is you set `acmeRoot = null` for each vhost.
The test suite has been revamped to cover these additions
and also to generally make it easier to maintain. Test config
for apache and nginx has been fully standardised, and it
is now much easier to add a new web server if it follows
the same configuration patterns as those two. I have also
optimised the use of switch-to-configuration which should
speed up testing.
2021-12-26 16:44:10 +00:00
Lucas Savva
a7f0001328
nixos/acme: Check for revoked certificates
...
Closes #129838
It is possible for the CA to revoke a cert that has not yet
expired. We must run lego to validate this before expiration,
but we must still ignore failures on unexpired certs to retain
compatibility with #85794
Also changed domainHash logic such that a renewal will only
be attempted at all if domains are unchanged, and do a full
run otherwises. Resolves #147540 but will be partially
reverted when go-acme/lego#1532 is resolved + available.
2021-12-26 16:44:09 +00:00
Lucas Savva
87403a0b07
nixos/acme: Add a human readable error on run failure
...
Closes NixOS/nixpkgs#108237
When a user first adds an ACME cert to their configuration,
it's likely to fail to renew due to DNS misconfig. This is
non-fatal for other services since selfsigned certs are
(usually) put in place to let dependant services start.
Tell the user about this in the logs, and exit 2 for
differentiation purposes.
2021-12-26 16:44:08 +00:00
Lucas Savva
a88d846b91
nixos/acme: Remove selfsignedDeps from finished targets
...
selfsignedDeps is already appended to the after and wants
of a cert's renewal service, making these redundant.
You can see this if you run the following command:
systemctl list-dependencies --all --reverse acme-selfsigned-mydomain.com.service
2021-12-26 16:44:07 +00:00
Bernardo Meurer
52c1d49b71
Merge pull request #152058 from r-ryantm/auto-update/klipper
...
klipper: unstable-2021-12-02 -> unstable-2021-12-24
2021-12-26 16:31:26 +00:00
Mario Rodas
42aefef238
Merge pull request #151787 from r-ryantm/auto-update/shadowsocks-rust
...
shadowsocks-rust: 1.12.4 -> 1.12.5
2021-12-26 11:28:26 -05:00
Mario Rodas
c2dc374df0
Merge pull request #152215 from r-ryantm/auto-update/tflint
...
tflint: 0.34.0 -> 0.34.1
2021-12-26 11:28:04 -05:00
Bernardo Meurer
60b29ec731
Merge pull request #151139 from TredwellGit/firmwareLinuxNonfree
...
firmwareLinuxNonfree: 20211027 -> 20211216
2021-12-26 16:22:25 +00:00
Bobby Rong
fa5e153653
Merge pull request #152231 from bobby285271/vala-lint
...
vala-lint: unstable-2021-02-17 -> unstable-2021-11-18
2021-12-26 23:02:23 +08:00
Pavol Rusnak
3f50bcc917
Merge pull request #149912 from prusnak/python3-trezor
...
python3Packages.trezor: 0.12.4 -> 0.13.0
2021-12-26 15:39:53 +01:00
Pavol Rusnak
9591b406c4
Merge pull request #152224 from TredwellGit/electron
...
Update Electron
2021-12-26 15:28:28 +01:00
ajs124
d398a58def
Merge pull request #151661 from r-ryantm/auto-update/wrk
...
wrk: 4.1.0 -> 4.2.0
2021-12-26 15:09:44 +01:00
ajs124
648f7f2a63
Merge pull request #151581 from symphorien/xapian-update-3
...
dovecot_fts_xapian: 1.4.14 -> 1.5.2
2021-12-26 15:06:38 +01:00
ajs124
89ab1a6425
Merge pull request #151754 from r-ryantm/auto-update/sope
...
sope: 5.3.0 -> 5.4.0
2021-12-26 15:00:21 +01:00
Bobby Rong
729053d2e8
vala-lint: unstable-2021-02-17 -> unstable-2021-11-18
2021-12-26 21:59:46 +08:00
Fabian Affolter
886a19da65
Merge pull request #152202 from fabaff/bump-checkov
...
checkov: 2.0.690 -> 2.0.692
2021-12-26 14:12:44 +01:00
ajs124
cfcbe0d16d
sogo: 5.3.0 -> 5.4.0
2021-12-26 13:51:06 +01:00
TredwellGit
f3a39a335f
electron_16: 16.0.4 -> 16.0.5
...
https://github.com/electron/electron/releases/tag/v16.0.5
2021-12-26 12:29:06 +00:00
TredwellGit
760cec731e
electron_15: 15.3.3 -> 15.3.4
...
https://github.com/electron/electron/releases/tag/v15.3.4
2021-12-26 12:28:34 +00:00
TredwellGit
6c011c17a0
electron_14: 14.2.2 -> 14.2.3
...
https://github.com/electron/electron/releases/tag/v14.2.3
2021-12-26 12:28:14 +00:00
7c6f434c
ea7b03bf80
Merge pull request #152208 from 7c6f434c/monotone-pin-boost-170
...
monotone: ping boost_170 to fix build
2021-12-26 11:44:08 +00:00
Bobby Rong
f5dd11f444
Merge pull request #150357 from r-ryantm/auto-update/acpid
...
acpid: 2.0.32 -> 2.0.33
2021-12-26 19:31:20 +08:00
R. Ryantm
f313995768
tflint: 0.34.0 -> 0.34.1
2021-12-26 11:29:08 +00:00
Bobby Rong
24dfe901e5
Merge pull request #151511 from r-ryantm/auto-update/frugal
...
frugal: 3.14.10 -> 3.14.11
2021-12-26 19:19:57 +08:00
Vladimír Čunát
8de62ec192
Merge #148163 : uwsgi: fix with php 8, bump to 2.0.20
2021-12-26 12:18:51 +01:00
Bobby Rong
b240efeea6
Merge pull request #151967 from r-ryantm/auto-update/steampipe
...
steampipe: 0.10.0 -> 0.11.0
2021-12-26 19:03:44 +08:00
Bobby Rong
75f0630226
Merge pull request #152144 from r-ryantm/auto-update/libtraceevent
...
libtraceevent: 1.4.0 -> 1.5.0
2021-12-26 18:59:38 +08:00
Bobby Rong
345460519a
Merge pull request #152146 from r-ryantm/auto-update/libplctag
...
libplctag: 2.4.6 -> 2.4.7
2021-12-26 18:59:06 +08:00
Bobby Rong
138815ad64
Merge pull request #152172 from r-ryantm/auto-update/alfis
...
alfis: 0.6.9 -> 0.6.10
2021-12-26 18:33:32 +08:00
Michael Raskin
388b7ecfa0
monotone: ping boost_170 to fix build
2021-12-26 11:19:08 +01:00
Bobby Rong
26b19877bf
Merge pull request #152206 from andreasfelix/vala-language-server-0.48.4
...
vala-language-server: 0.48.3 → 0.48.4
2021-12-26 17:34:37 +08:00
udf
e159658bf5
nicotine-plus: 3.1.1 -> 3.2.0
2021-12-26 10:27:32 +01:00
udf
896259096e
nicotine-plus: Fix crash when opening file dialog, closes #142014
2021-12-26 10:27:32 +01:00
Fabian Affolter
7ecb4299a7
checkov: 2.0.690 -> 2.0.692
2021-12-26 10:02:31 +01:00
Felix Andreas
40545515e5
vala-language-server: 0.48.3 → 0.48.4
2021-12-26 08:53:42 +00:00
Vincent Laporte
6fcc9f249f
ocamlPackages.ocaml-migrate-parsetree-2: 2.2.0 → 2.3.0
2021-12-26 09:51:00 +01:00
Vladimír Čunát
fd0df9f56f
Merge #152166 : cffi: disable tests on aarch64-darwin
2021-12-26 09:41:27 +01:00
Bobby Rong
4e6d70e625
Merge pull request #152134 from r-ryantm/auto-update/lsp-plugins
...
lsp-plugins: 1.1.30 -> 1.1.31
2021-12-26 16:05:12 +08:00
Felix Buehler
fedde5d24f
woeusb-ng: init at 0.2.10
2021-12-26 08:45:17 +01:00
Bobby Rong
f016dd04c7
Merge pull request #152182 from legendofmiracles/update/tmpail
...
tmpmail: 1.1.4 -> 1.1.9
2021-12-26 14:09:28 +08:00
adisbladis
f8024fe9a5
Merge pull request #152184 from lionello/update-poetry2nix
...
poetry2nix: 1.21.0 -> 1.22.0
2021-12-26 18:00:59 +12:00
Ben Siraphob
14fc00eddc
Merge pull request #152185 from siraben/deadpixi-sam-update
2021-12-26 12:37:45 +07:00
Bobby Rong
b15164af88
Merge pull request #151360 from wishfort36/master
...
tiramisu: unstable-2021-05-20 -> 2.0.20211107
2021-12-26 13:33:47 +08:00
Bobby Rong
bcb5b72442
Merge pull request #151962 from r-ryantm/auto-update/clapper
...
clapper: 0.4.0 -> 0.4.1
2021-12-26 13:21:35 +08:00
Dmitry Kalinkin
87cf1dd1b2
Merge pull request #152010 from fgaz/warzone2100/4.2.4
...
warzone2100: 4.2.3 -> 4.2.4, add version test
2021-12-26 00:20:35 -05:00
Dmitry Kalinkin
cedc24590b
Merge pull request #151903 from prusnak/qt5-darwin-stdenv
...
qt5{12,14,15}: use default stdenv on darwin
2021-12-26 00:17:44 -05:00
Bobby Rong
0b19ab7f6e
Merge pull request #151472 from r-ryantm/auto-update/last-resort
...
last-resort: 13.001 -> 14.000
2021-12-26 13:17:06 +08:00
Bobby Rong
4c5906c948
Merge pull request #151707 from r-ryantm/auto-update/tgt
...
tgt: 1.0.80 -> 1.0.81
2021-12-26 13:07:12 +08:00
Ben Siraphob
10bca26212
deadpixi-sam-unstable: 2017-10-27 -> 2020-07-14
2021-12-26 11:54:31 +07:00
Bobby Rong
77116ca839
tgt: update meta.homepage
2021-12-26 12:51:59 +08:00